Beware of the exploits in Google chrome

Are You Using Exploited Version of Google Chrome?

Beware of the exploits in Google chrome

Even the biggest of tech giants is also vulnerable to online security threats, and with ever-changing technology, they also have to keep up the pace in an attempt to stay ahead of cybercriminals.

Last week seven security vulnerabilities were found in Google’s famous web browser chrome. One of them was categorized as critical and a real-world exploit.

Technical program manager Srinivas Sista acknowledged the exploit publicly in a blog post.

There was a security update released on Tuesday by Google for the Chrome web browser, which includes seven fixes, one of which had a real-world exploit.

Security researcher Jose Martinez reported a type of confusion vulnerability to the company on April 5 that was tracked as CVE-2021-21224.

How did the exploit work?

During the conversion of the data type from integer to different data types, a value outside of bounds is triggered, making it possible to execute arbitrary memory read/write primitives. 

Earlier this week, researchers discovered proof-of-concept code exploiting the flaw, but the V8 source code was not patched, and it didn’t reach Chrome, Microsoft Edge, Brave, Vivaldi, or Opera. 

The open-source code repository patches were not released as stable updates in the one-week patch gap until they were uploaded to the open-source repository.

Google’s latest set of fixes also coincides with an earlier patch last week released in response to two security vulnerabilities (CVE-2021-21206 and CVE-2021-21220), the latter of which was demonstrated at the Pwn2Own hacker competition earlier this month.

Latest Version Update of Google Chrome

The latest version of Chrome, Chrome 90.0.4430.85, is expected to roll out in the coming days. Users can keep Chrome as is or update it here.

After the seven vulnerabilities were discovered initially, Google fixed them without wasting any time.

However, it is recommended to update Google Chrome to the latest version for the best experience and secure web browsing.

Leave a Comment

Your email address will not be published.

schedule a meeting us, Leave your details and we'll talk soon.